Skip to main content
patrickwilson82
patrickwilson82
New Member
March 19, 2018
Solved

Point Fortimail to Zimbra

  • March 19, 2018
  • 1 reply
  • 11017 views

Hi there,

 

I'm setting up a new Fortimail unit and I want to set it in Gateway mode. I have a DNS record mail.mydomain.com that currently is pointed to my mail server via a virtual IP set up in my Fortigate. I don't particularly want to change my MX record to the FDQN of my Fortimail, because I have users out in the field who need to be able to access the webmail site for my Zimbra server. Is there another way of setting this up in Gateway mode without having to change my MX record? Thanks in advance for the help.

    Best answer by Carl_Windsor_FTNT

    Don't make any changes to your DNS settings - mail.mydomain.com still points at your FortiGate.

     

    On the FortiGate, create 2 Port Forwarding VIPs:

    [ul]
  • mail.mydomain.com:25 --> FortiMail (which relays cleaned mail to the Zimbra)
  • mail.mydomain.com:443 --> Zimbra [/ul]

    Zimbra WebMail HTTPS traffic goes direct to the server then.

     

    Carl

    • 1 reply

    emnoc
    emnoc
    New Member
    March 19, 2018

    You need to  enable the mail-routing or smart relay   based on a  recipient   address

     

    https://forum.fortinet.com/tm.aspx?m=98405

     

    Ken

    Carl_Windsor_FTNT
    Staff
    Carl_Windsor_FTNT
    Staff
    March 20, 2018

    >mail.mydomain.com that currently is pointed to my mail server via a virtual IP set up in my

    >Fortigate. I don't particularly want to change my MX record to the FDQN of my Fortimail,

    >because I have users out in the field who need to be able to access the webmail site for my

    >Zimbra server.

     

    Why don't you just VIP with Port Forwarding for mail.mydomain.com:443 to the Zimbra server and  mail.mydomain.com:25 to the FortiMail?  No changes to DNS/MX records are needed and you can flick back easily if something breaks.   

     

    There is a video on this here.

    patrickwilson82
    patrickwilson82Author
    New Member
    March 21, 2018

    Carl Windsor wrote:

    >mail.mydomain.com that currently is pointed to my mail server via a virtual IP set up in my

    >Fortigate. I don't particularly want to change my MX record to the FDQN of my Fortimail,

    >because I have users out in the field who need to be able to access the webmail site for my

    >Zimbra server.

     

    Why don't you just VIP with Port Forwarding for mail.mydomain.com:443 to the Zimbra server and  mail.mydomain.com:25 to the FortiMail?  No changes to DNS/MX records are needed and you can flick back easily if something breaks.   

     

    There is a video on this here.

    Carl,

     

    I guess what I'm not clear on, is when I point mail.mydomain.com to the Fortimail for port 443 incoming, would it then go to Zimbra through the relay settings inside the Fortimail?

    Terms & ConditionsAccessibility statement